17+个ASP.NET MVC扩展点,含源码{转}

1、自定义一个HttpModule,并将其中的方法添加到HttpApplication相应的事件中
即:创建一个实现了IHttpmodule接口的类,并将配置WebConfig。在自定义的HttpModule中,可以将一个方法注册到HttpApplication的任意一个事件中,在之后执行HttpApplication一些列事件时,按照事件的顺序(事件又按照添加方法先后的顺序)执行注册在事件中的方法!

namespace MvcStore.Models
{
    public class ExcuteHttpRequestModule:IHttpModule
    {
        public void Init(HttpApplication context)
        {
            context.PostResolveRequestCache+=new EventHandler(this.context_ExecuteHttpRequst);
            
        }
        public void Dispose()
        {
            
        }
 
        public void context_ExecuteHttpRequst(object sender, EventArgs e)
        {
            HttpRequest httpRequest = HttpContext.Current.Request;
            Uri previousUri = httpRequest.UrlReferrer;
        }
    }
}
<?xml version="1.0" encoding="utf-8"?>
<!--
  有关如何配置 ASP.NET 应用程序的详细信息,请访问
  http://go.microsoft.com/fwlink/?LinkId=152368
  -->
 
<configuration>
  <appSettings>
    <add key="webpages:Version" value="1.0.0.0"/>
    <add key="ClientValidationEnabled" value="true"/>
    <add key="UnobtrusiveJavaScriptEnabled" value="true"/>
  </appSettings>
     
  <system.web>
    <!--自定义HttpModule,仅添加一下此段代码即可-->
    <httpModules>
      <add name="ExecuteHttpRequestModule" type="MvcStore.Models.ExcuteHttpRequestModule"/>
    </httpModules>
     
     ......等
</configuration>

例:创建一个HttpModule(实现IHttpModule接口),并将一个方法注册到HttpApplication的BeginRequest(HttpAppliaction的第一个事件)事件中,即:由于该方法注册在HttpApplication第一个事件中,所有无论是合法还是非法的请求地址,该方法都会被执行。

利用HttpModule扩展知识,并通过NLog来完成写请求日志:源码下载

补充:在ASP.NET MVC中,css和js的请求是合并到一起发送给服务端的!

2、添加路由规则

//微软定义的MapRoute方法
routes.MapRoute(
               "Default", // 路由名称
               "{controller}/{action}/{id}", // 带有参数的 URL
               new { controller = "Home", action = "Index", id = UrlParameter.Optional } // 参数默认值
           );

3、自定义MapRoute方法

  第一步中MapRoute方法其实就是RouteCollection的扩展方法,我们也可以定义一个。

namespace System.Web.Mvc
{
    
    public static class RouteCollectionExtensions
    {
        public static Route MapRoute(this RouteCollection routes, string name, string url)
        {
            return routes.MapRoute(name, url, null, null);
        }

        public static Route MapRoute(this RouteCollection routes, string name, string url, object defaults)
        {
            return routes.MapRoute(name, url, defaults, null);
        }
    
        public static Route MapRoute(this RouteCollection routes, string name, string url, object defaults, object constraints)
        {
            return routes.MapRoute(name, url, defaults, constraints, null);
        }
        
        public static Route MapRoute(this RouteCollection routes, string name, string url, string[] namespaces)
        {
            return routes.MapRoute(name, url, null, null, namespaces);
        }
        
        public static Route MapRoute(this RouteCollection routes, string name, string url, object defaults, string[] namespaces)
        {
            return routes.MapRoute(name, url, defaults, null, namespaces);
        }
        
        public static Route MapRoute(this RouteCollection routes, string name, string url, object defaults, object constraints, string[] namespaces)
        {
            if (routes == null)
            {
                throw new ArgumentNullException("routes");
            }
            if (url == null)
            {
                throw new ArgumentNullException("url");
            }
            Route route = new Route(url, new MvcRouteHandler())
            {
                Defaults = new RouteValueDictionary(defaults),
                Constraints = new RouteValueDictionary(constraints),
                DataTokens = new RouteValueDictionary()
            };
            if (namespaces != null && namespaces.Length > 0)
            {
                route.DataTokens["Namespaces"] = namespaces;
            }
            routes.Add(name, route);
            return route;
        }
    }
}
//自定义的MapRoute方法
namespace MvcExtension.Models
{

    public static class MyRouteCollectionExtensions
    {
        /// <summary>
        /// 自定义MapRoute方法
        /// </summary>
        /// <param name="routes"></param>
        /// <param name="routeHandler"></param>
        /// <param name="name"></param>
        /// <param name="url"></param>
        /// <param name="defaults"></param>
        /// <param name="constraints"></param>
        /// <param name="namespaces"></param>
        /// <returns></returns>
        public static Route MyMapRoute(this RouteCollection routes, IRouteHandler routeHandler, string name, string url,
            object defaults, object constraints, string[] namespaces)
        {
            if (routes == null)
            {
                throw new ArgumentNullException("routes");
            }
            if (url == null)
            {
                throw new ArgumentNullException("url");
            }
            if (routeHandler == null)
            {
                throw new ArgumentNullException("routeHandler");
            }
            Route route = new Route(url, routeHandler)
            {
                Defaults = new RouteValueDictionary(defaults),
                Constraints = new RouteValueDictionary(constraints),
                DataTokens = new RouteValueDictionary()
            };
            if (namespaces != null && namespaces.Length > 0)
            {
                route.DataTokens["Namespaces"] = namespaces;
            }
            routes.Add(name, route);
            return route;
        }

        /// <summary>
        /// 自定义MapRoute方法
        /// </summary>
        /// <param name="routes"></param>
        /// <param name="name"></param>
        /// <param name="route"></param>
        /// <returns></returns>
        public static Route MyMapRoute(this RouteCollection routes, string name, Route route)
        {
            if (routes == null)
            {
                throw new ArgumentNullException("routes");
            }
            if (route == null)
            {
                throw new ArgumentNullException("route");
            }
            routes.Add(name, route);
            return route;
        }
    }
}

注:在微软提供的MapRoute方法中可以看出,创建Route对象时,其构造函数的参数中有:new MvcRouteHandler。这个MvcRouteHandler用于之后创建HttpHandler对象,HttpHandler就是用来最后处理请求的!

4、自定义MvcRouteHandler
  即:实现IRouteHandler接口,MVC默认使用MvcRouteHandler来创建HttpHandler对象,用来处理请求!

//微软定义的MvcRouteHandler
namespace System.Web.Mvc
{
    public class MvcRouteHandler : IRouteHandler
    {
        private IControllerFactory _controllerFactory;
        public MvcRouteHandler()
        {
        }
        public MvcRouteHandler(IControllerFactory controllerFactory)
        {
            this._controllerFactory = controllerFactory;
        }
        protected virtual IHttpHandler GetHttpHandler(RequestContext requestContext)
        {
            requestContext.HttpContext.SetSessionStateBehavior(this.GetSessionStateBehavior(requestContext));
            return new MvcHandler(requestContext);
        }
        protected virtual SessionStateBehavior GetSessionStateBehavior(RequestContext requestContext)
        {
            string controllerName = (string)requestContext.RouteData.Values["controller"];
            IControllerFactory controllerFactory = this._controllerFactory ?? ControllerBuilder.Current.GetControllerFactory();
            return controllerFactory.GetControllerSessionBehavior(requestContext, controllerName);
        }
        IHttpHandler IRouteHandler.GetHttpHandler(RequestContext requestContext)
        {
            return this.GetHttpHandler(requestContext);
        }
    }
}

定义:我们自定义MvcRouteHandler时只需实现IRouteHandler接口,具体实现参照微软定义的MvcRouteHandler类

public class MyRouteHandler:IRouteHandler
{
    public MyRouteHandler()
    {
    }
 
    protected virtual IHttpHandler GetHttpHandler(RequestContext requestContext)
    {
        return new MvcHandler(requestContext);
    }
 
    IHttpHandler IRouteHandler.GetHttpHandler(RequestContext requestContext)
    {
        return this.GetHttpHandler(requestContext);
    }
}

使用:结合2中创建的自定义的MapRoute方法,将自己的MvcRouteHandler对象添加到Route对象中!
第2、3、4步骤示例:源码下载
5、自定义MvcHandler
对于微软的类MvcHandler其实就是一个HttpHandler(实现IHttpHandler接口),在MVC整个处理机制中,MvcHandler接收到请求并激活Controller、执行Action、View的呈现 等。MvcHandler是执行MvcRouteHandler的GetHttpHandler方法得到的!

public class MyMvcHandler : IHttpHandler
{
    public bool IsReusable
    {
        get { return false; }
    }
    public void ProcessRequest(HttpContext context)
    {
        HttpContext.Current.Response.Write("自定义的MvcHandler处理请求");
    }
}

在第2、3、4步骤的基础上,使用自定义MvcHandler处理请求:源码下载

6、自定义ControllerFactory
ControllerFactory用于Controller的激活,也就是创建Controller对象。对于MVC,这个ControllerFactiory是通过ControllerBuilder.Current.GetControllerFactory();得到,默认得到的ControllerFactory是DefaultControllerFactory对象!

public class MvcHandler : IHttpAsyncHandler, IHttpHandler, IRequiresSessionState
{

    internal ControllerBuilder ControllerBuilder
    {
        get
        {
            if (this._controllerBuilder == null)
            {
                this._controllerBuilder = ControllerBuilder.Current;
            }
            return this._controllerBuilder;
        }
        set
        {
            this._controllerBuilder = value;
        }
    }

    protected virtual void ProcessRequest(HttpContext httpContext)
    {
        HttpContextBase httpContext2 = new HttpContextWrapper(httpContext);
        this.ProcessRequest(httpContext2);
    }
    
    protected internal virtual void ProcessRequest(HttpContextBase httpContext)
    {
        SecurityUtil.ProcessInApplicationTrust(delegate
        {
            IController controller;
            IControllerFactory controllerFactory;
            this.ProcessRequestInit(httpContext, out controller, out controllerFactory);
            try
            {
                controller.Execute(this.RequestContext);
            }
            finally
            {
                controllerFactory.ReleaseController(controller);
            }
        });
    }
    private void ProcessRequestInit(HttpContextBase httpContext, out IController controller, out IControllerFactory factory)
    {
        if (ValidationUtility.IsValidationEnabled(HttpContext.Current) == true)
        {
            ValidationUtility.EnableDynamicValidation(HttpContext.Current);
        }
        this.AddVersionHeader(httpContext);
        this.RemoveOptionalRoutingParameters();
        string requiredString = this.RequestContext.RouteData.GetRequiredString("controller");
        //获取ControllerFactory
        factory = this.ControllerBuilder.GetControllerFactory();
        controller = factory.CreateController(this.RequestContext, requiredString);
        if (controller == null)
        {
            throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, MvcResources.ControllerBuilder_FactoryReturnedNull, new object[]
            {
                factory.GetType(),
                requiredString
            }));
        }
    }
}

MvcHandler
public class ControllerBuilder
{
    private Func<IControllerFactory> _factoryThunk = () => null;
    //静态变量,自己创建本身对象
    private static ControllerBuilder _instance = new ControllerBuilder();
    private HashSet<string> _namespaces = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
    private IResolver<IControllerFactory> _serviceResolver;

    //Current
    public static ControllerBuilder Current
    {
        get
        {
            return ControllerBuilder._instance;
        }
    }

    public HashSet<string> DefaultNamespaces
    {
        get
        {
            return this._namespaces;
        }
    }

    public ControllerBuilder() : this(null)
    {
    }

    internal ControllerBuilder(IResolver<IControllerFactory> serviceResolver)
    {
        IResolver<IControllerFactory> arg_6A_1 = serviceResolver;
        if (serviceResolver == null)
        {
            //默认情况下,_serviceResolver赋值为new DefaultControllerFactory
            arg_6A_1 = new SingleServiceResolver<IControllerFactory>(() => this._factoryThunk(), new DefaultControllerFactory
            {
                ControllerBuilder = this
            }, "ControllerBuilder.GetControllerFactory");
        }
        this._serviceResolver = arg_6A_1;
    }

    public IControllerFactory GetControllerFactory()
    {
        //_serviceResolver.Current得到的是DefaultControllerFactory对象,在构造函数中赋值
        return this._serviceResolver.Current;
    }

    public void SetControllerFactory(IControllerFactory controllerFactory)
    {
        if (controllerFactory == null)
        {
            throw new ArgumentNullException("controllerFactory");
        }
        this._factoryThunk = (() => controllerFactory);
    }

    public void SetControllerFactory(Type controllerFactoryType)
    {
        if (controllerFactoryType == null)
        {
            throw new ArgumentNullException("controllerFactoryType");
        }
        if (!typeof(IControllerFactory).IsAssignableFrom(controllerFactoryType))
        {
            throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, MvcResources.ControllerBuilder_MissingIControllerFactory, new object[]
            {
                controllerFactoryType
            }), "controllerFactoryType");
        }
        this._factoryThunk = delegate
        {
            IControllerFactory result;
            try
            {
                result = (IControllerFactory)Activator.CreateInstance(controllerFactoryType);
            }
            catch (Exception innerException)
            {
                throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, MvcResources.ControllerBuilder_ErrorCreatingControllerFactory, new object[]
                {
                    controllerFactoryType
                }), innerException);
            }
            return result;
        };
    }
}

ControllerBuilder

上述两个类,MvcHandler中通过GetControllerFactory获取的就是通过ControllerBuilder的SetControllerFactory方法设置ControllerFactory(没有设置时,默认是DefaultControllerFactory)。这就是我们创建自定义ControllerFactory的入口

public class MyControllerFactory:IControllerFactory
{
    public IController CreateController(System.Web.Routing.RequestContext requestContext, string controllerName)
    {
       //根据controllerName和命名空间,通过反射创建Controller对象
        return null;
    }
 
    public System.Web.SessionState.SessionStateBehavior GetControllerSessionBehavior(System.Web.Routing.RequestContext requestContext, string controllerName)
    {
        //获取控制器的会话行为。
        return System.Web.SessionState.SessionStateBehavior.Default;//这里是随便列举的一个
    }
 
    public void ReleaseController(IController controller)
    {
        //释放Controller
    }
}
public class MvcApplication : System.Web.HttpApplication
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());
    }
 
    public static void RegisterRoutes(RouteCollection routes)
    {
        routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
        routes.MapRoute(
            "Default", // 路由名称
            "{controller}/{action}/{id}", // 带有参数的 URL
            new {controller = "Home", action = "Index", id = UrlParameter.Optional} // 参数默认值
            );
 
    }
 
    protected void Application_Start()
    {
        AreaRegistration.RegisterAllAreas();
 
        RegisterGlobalFilters(GlobalFilters.Filters);
        RegisterRoutes(RouteTable.Routes);
        //设置MyControllerFactory,让MyControllerFactory完成controller的激活
        ControllerBuilder.Current.SetControllerFactory(new MyControllerFactory());
    }
}

上面就是简单的列举了执行流程,不再进行过多的介绍,因为在实际开发中,一般不会使用自定义一个ControllerFactory,因为其中包含的功能,我们自己来定义时可能考虑的不够全面,如果项目需求必须使用的话,要细看微软在DefaultControllerFactory中各种功能!!!既然不用自定义的ContollerFactory,那么就只能用DefaultControllerFactory了,DefaultControllerFactory中也有扩展点让我们利用,就是下面第7中介绍的!

7、自定义ControllerActivator

  在6中我们讲到,DefaultControllerFactory用于创建Controller对象,而这个ControllerActivator实际上就是DefaultControllerFactory中负责创建Controller对象“组件”。默认情况下,使用的是微软提供的DefaultControllerActivator(DefaultControllerFactory的构造函数中设置)。

private class DefaultControllerActivator : IControllerActivator
{
    private Func<IDependencyResolver> _resolverThunk;
    public DefaultControllerActivator() : this(null)
    {
    }
    public DefaultControllerActivator(IDependencyResolver resolver)
    {
        if (resolver == null)
        {
            this._resolverThunk = (() => DependencyResolver.Current);
            return;
        }
        this._resolverThunk = (() => resolver);
    }
    public IController Create(RequestContext requestContext, Type controllerType)
    {
        IController result;
        try
        {
            result = (IController)(this._resolverThunk().GetService(controllerType) ?? Activator.CreateInstance(controllerType));
        }
        catch (Exception innerException)
        {
            throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, MvcResources.DefaultControllerFactory_ErrorCreatingController, new object[]
            {
                controllerType
            }), innerException);
        }
        return result;
    }
}

微软:DefaultControllerActivator

自定义:
  定义:实现IControllerActivator接口
  使用:通过DefaultControllerFactory的构造函数将自定义ControllerActivator “注入”。
           在Global.asax中添加 ---> ControllerBuilder.Current.SetControllerFactory(new DefaultControllerFactory(new MyControllerActivator()));

public class MyControllerActivator:IControllerActivator
{
    public IController Create(System.Web.Routing.RequestContext requestContext, Type controllerType)
    {
        return (IController)Activator.CreateInstance(controllerType);
    }
}
protected void Application_Start()
{
    AreaRegistration.RegisterAllAreas();
 
    RegisterGlobalFilters(GlobalFilters.Filters);
    RegisterRoutes(RouteTable.Routes);
 
    ControllerBuilder.Current.SetControllerFactory(new DefaultControllerFactory(new MyControllerActivator()));
}

应用场景1:在Controller激活之前做一些操作
  应用场景2:通过Controller的构造函数实现在创建Controller对象时“注入”值!因为默认情况下,激活Controller的时候是执行的其无参数构造函数!

应用场景2+依赖注入:源码下载

8、自定义ActionInvoker

  ActionInvoker用于去执行被请求的Action方法,这过程中包含了 View的呈现 以及执行各种应用在Action上的特性(HttpMethod、Filter、DisplayName...等),由于功能忒多,所以不到不得已也不建议自己重写ActionInvoker。不过如果项目需要,可以继承微软默认使用的 ControllerActionInvoker,从而在已有功能的基础上添加自己的需要的功能!

 自定义:
  定义:实现IActionInvoker接口
  使用:在Controller的构造函数中设置自己的ActionInvoker

public class MyActionInvoker:IActionInvoker
{
    public bool InvokeAction(ControllerContext controllerContext, string actionName)
    {
        //根据action名称去找Action并执行,其中包括了 View的呈现 以及 应用在Action上的各种特性的执行
        //return false; //执行失败
        return true;    //执行成功
    }
}
public class HomeController : Controller
{
    //微软的ControllerActivator激活Controller时,执行的就是无参数的构造函数!
    public HomeController()
    {
        base.ActionInvoker = new MyActionInvoker();
    }
 
    public ActionResult Index()
    {
        return Content("ddd");
    }
 
}

仅第8步骤示例:源码下载

下面的9、10、11讲的是和特性相关的扩展,所以在介绍它们之前先来复习下MVC中使用的特性种类和处理流程:

  种类:

    ActionNameSelectorAttribute 
        ActionNameAttribute
    ActionMethodSelectorAttribute
        AcceptVerbsAttribute
        HttpDeleteAttribute
        HttpGetAttribute
        HttpPostAttribute
        HttpPutAttribute
        NonActionAttribute
        HttpHeadAttribute
        HttpOptionsAttribute
        HttpPatchAttribute //灰色字体的是MVC4中新增的!
    FilterAttribute、IActionFilter或IAuthorizationFilter或IExceptionFilter或IResultFilter
        自定义类去实现相应接口

  处理流程:Contrller激活之后,要从Controller对象的方法中查找当前请求的Action,那么其流程为 ----> 先获取所有应用了ActionName特性并且ActionName特性设置的name=当前请求的Action名称(将符合条件的添加的List<MethodInfo>中),之后去获取所有没有应用ActionName特性的方法并且方法名=当前请求的Action名称,(再将符合条件的添加到之前创建的List<MethodInfo>尾部);再之后对符合名称条件的Action方法集合处理,判断应用在Action方法上的NonAction、AcceptVerbs、HttpGet等6个特性(MVC4有9个特性)是否和当前请求一致;再再之后执行第三种过滤器,需要自己定义且实现接口,并应用在Action上,他们的执行顺序为:【IAuthorizationFilter】--->【IActionFilter】--->【Action方法内部代码】--->【IResultFilter】,如果上述4个过程中有异常抛出,则执行【IExceptionFilter】。个更多处理流程的介绍请猛击这里

9、继承自ActionNameSelectorAttribute 的特性:ActionNameAttribute

  用于对Controller类中Action方法的重命名!当请求指定的 Controller/Action时,将用重命名后的名称去和请求的Action名称匹配。

[AttributeUsage(AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public sealed class ActionNameAttribute : ActionNameSelectorAttribute
{
    public string Name
    {
        get;
        private set;
    }

    public ActionNameAttribute(string name)
    {
        if (string.IsNullOrEmpty(name))
        {
            throw new ArgumentException(MvcResources.Common_NullOrEmpty, "name");
        }
        this.Name = name;
    }

    public override bool IsValidName(ControllerContext controllerContext, string actionName, MethodInfo methodInfo)
    {
        return string.Equals(actionName, this.Name, StringComparison.OrdinalIgnoreCase);
    }
}

微软定义的ActionNameAttribute
public class HomeController : Controller
{
    [ActionName("OtherName")]
    public ActionResult Index()
    {
        return Content("ddd");
    } 
}

如上设置ActionName后,当请求Home/Index就提示找不到无法找到资源,当请求Home/OtherName时,就会去执行这个Index方法!

10、继承自ActionMethodSelectorAttribute的特性:AcceptVerbsAttribute...等

  该类特性中仅NonAction用于指示该方法不作为Action来使用,而其他的5个则都是用于判断Http请求的方式!

  HttpGet    只有客户端发送的是Get请求才能执行该Action
  HttpPost      只有客户端发送的是Post请求才能执行该Action ...Post请求
  HttpDelete     只有客户端发送的是Delete请求才能执行该Action
  HttpPut    只有客户端发送的是Put请求才能执行该Action
  AcceptVerbs  参数是一个枚举(Get、Post等),其功能和以上四个相同
注:由于以上的特性类都应用了: [AttributeUsage(AttributeTargets.Method, AllowMultiple = false, Inherited = true)],所以这些特性只能应用在Action方法上并且每个只能使用一个。

使用:仅列出HttpPost,其他使用方法相同,不再列举。

public class HomeController : Controller
{
    [HttpPost]
    public ActionResult Index()
    {
        return Content("ddd");
    } 
}

如上所示,只有客户端发送的是Post请求时,才能执行该Action。

11、FilterAttribute、IActionFilter或IAuthorizationFilter或IExceptionFilter或IResultFilter

  该类过滤器执行的顺序为:【IAuthorizationFilter】--->【IActionFilter】--->【Action方法内部代码】--->【IResultFilter】,如果上述4个过程中有异常抛出,则执行【IExceptionFilter】。
  由于FilterAttribute类应用了 [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)],所以该类特性可以应用在 类 或 方法 上且默认也只能使用一次,如果想要使用多个同样的特性,可以在自定义的特性上添加: [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]即可。
  该类过滤器有 4 种添加方式:以特性应用在Action方法上、以特性应用在Controller类上、Global.asax文件中RegisterGlobalFilters方法中添加、在Controller中重写各个过滤器方法(因为Controller类都实现各个接口),区别是这4种方式的作用域不同!

   11-1、IAuthorizationFilter

public class MyAuthroizeFilter : FilterAttribute, IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    {   
        //如果此处为filterContext.Result赋一个ActionResult对象,则MVC不会再继续执行下面的过滤器和Action放,而是直接根据这个ActionResult对象进行View的呈现。
        //如果filterContext.Result为null,则MVC继续执行之后的各个过滤器和Action方法!
    }
}
using System;
namespace System.Web.Mvc
{
    /// <summary>Represents an attribute that is used to indicate that an action method should be called only as a child action.</summary>
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
    public sealed class ChildActionOnlyAttribute : FilterAttribute, IAuthorizationFilter
    {
        /// <summary>Called when authorization is required.</summary>
        /// <param name="filterContext">An object that encapsulates the information that is required in order to authorize access to the child action.</param>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }
            if (!filterContext.IsChildAction)
            {
                throw Error.ChildActionOnlyAttribute_MustBeInChildRequest(filterContext.ActionDescriptor);
            }
        }
    }
}

ChildActionOnlyAttribute
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;
using System.Web.Mvc.Resources;
namespace System.Web.Mvc
{
    /// <summary>Represents an attribute that is used to restrict access by callers to an action method.</summary>
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
    public class AuthorizeAttribute : FilterAttribute, IAuthorizationFilter
    {
        private readonly object _typeId = new object();
        private string _roles;
        private string[] _rolesSplit = new string[0];
        private string _users;
        private string[] _usersSplit = new string[0];
        /// <summary>Gets or sets the user roles.</summary>
        /// <returns>The user roles.</returns>
        public string Roles
        {
            get
            {
                return this._roles ?? string.Empty;
            }
            set
            {
                this._roles = value;
                this._rolesSplit = AuthorizeAttribute.SplitString(value);
            }
        }
        /// <summary>Gets the unique identifier for this attribute.</summary>
        /// <returns>The unique identifier for this attribute.</returns>
        public override object TypeId
        {
            get
            {
                return this._typeId;
            }
        }
        /// <summary>Gets or sets the authorized users.</summary>
        /// <returns>The authorized users.</returns>
        public string Users
        {
            get
            {
                return this._users ?? string.Empty;
            }
            set
            {
                this._users = value;
                this._usersSplit = AuthorizeAttribute.SplitString(value);
            }
        }
        /// <summary>When overridden, provides an entry point for custom authorization checks.</summary>
        /// <returns>true if the user is authorized; otherwise, false.</returns>
        /// <param name="httpContext">The HTTP context, which encapsulates all HTTP-specific information about an individual HTTP request.</param>
        /// <exception cref="T:System.ArgumentNullException">The <paramref name="httpContext" /> parameter is null.</exception>
        protected virtual bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }
            IPrincipal user = httpContext.User;
            return user.Identity.IsAuthenticated && (this._usersSplit.Length <= 0 || this._usersSplit.Contains(user.Identity.Name, StringComparer.OrdinalIgnoreCase)) && (this._rolesSplit.Length <= 0 || this._rolesSplit.Any(new Func<string, bool>(user.IsInRole)));
        }
        private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
        {
            validationStatus = this.OnCacheAuthorization(new HttpContextWrapper(context));
        }
        /// <summary>Called when a process requests authorization.</summary>
        /// <param name="filterContext">The filter context, which encapsulates information for using <see cref="T:System.Web.Mvc.AuthorizeAttribute" />.</param>
        /// <exception cref="T:System.ArgumentNullException">The <paramref name="filterContext" /> parameter is null.</exception>
        public virtual void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }
            if (OutputCacheAttribute.IsChildActionCacheActive(filterContext))
            {
                throw new InvalidOperationException(MvcResources.AuthorizeAttribute_CannotUseWithinChildActionCache);
            }
            if (this.AuthorizeCore(filterContext.HttpContext))
            {
                HttpCachePolicyBase cache = filterContext.HttpContext.Response.Cache;
                cache.SetProxyMaxAge(new TimeSpan(0L));
                cache.AddValidationCallback(new HttpCacheValidateHandler(this.CacheValidateHandler), null);
                return;
            }
            this.HandleUnauthorizedRequest(filterContext);
        }
        /// <summary>Processes HTTP requests that fail authorization.</summary>
        /// <param name="filterContext">Encapsulates the information for using <see cref="T:System.Web.Mvc.AuthorizeAttribute" />. The <paramref name="filterContext" /> object contains the controller, HTTP context, request context, action result, and route data.</param>
        protected virtual void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            filterContext.Result = new HttpUnauthorizedResult();
        }
        /// <summary>Called when the caching module requests authorization.</summary>
        /// <returns>A reference to the validation status.</returns>
        /// <param name="httpContext">The HTTP context, which encapsulates all HTTP-specific information about an individual HTTP request.</param>
        /// <exception cref="T:System.ArgumentNullException">The <paramref name="httpContext" /> parameter is null.</exception>
        protected virtual HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }
            if (!this.AuthorizeCore(httpContext))
            {
                return HttpValidationStatus.IgnoreThisRequest;
            }
            return HttpValidationStatus.Valid;
        }
        internal static string[] SplitString(string original)
        {
            if (string.IsNullOrEmpty(original))
            {
                return new string[0];
            }
            IEnumerable<string> source = 
                from piece in original.Split(new char[]
                {
                    ','
                })
                let trimmed = piece.Trim()
                where !string.IsNullOrEmpty(trimmed)
                select trimmed;
            return source.ToArray<string>();
        }
    }
}

AuthorizeAttribute

==注意:如果在Controller上应用多个不同的IAuthorizationFilter过滤器,他们执行的顺序:由下向上。

  11-2、IActionFilter--->Action方法内部代码--->IResultFilter

  IActionFilter有两个方法OnActionExecuting(在执行操作方法之前调用)、OnActionExecuted(在执行操作方法后调用)。IResultFilter也有两个方法OnResultExecuting(在操作结果执行之前调用)、OnResultExecuted(在操作结果执行后调用),由于这里说的【在执行操作方法后调用】和【在操作结果执行之前调用】容易造成混淆,这里我们就来确定的说明一下其执行流程为:OnActionExecuting--->OnActionExecuted--->Action方法内的代码--->OnResultExecuting--->OnResultExecuted

public class MyActionFilter :FilterAttribute, IActionFilter
{
    public void OnActionExecuted(ActionExecutedContext filterContext)
    {
        //如果此处为filterContext.Result赋一个ActionResult对象,则MVC不会再继续执行下面的过滤器,而是直接根据这个ActionResult对象进行View的呈现。
        //如果filterContext.Result为null,则MVC按照 Action方法内返回的ActionResult进行View的呈现
    }
 
    public void OnActionExecuting(ActionExecutingContext filterContext)
    {
        //如果此处为filterContext.Result赋一个ActionResult对象,则MVC不会再继续执行下面的过滤器和Action方法,而是直接根据这个ActionResult对象进行View的呈现。
        //如果filterContext.Result为null,则MVC继续执行之后的各个过滤器和Action方法!
    }
}
 
public class MyResultFilter : FilterAttribute,IResultFilter
{
 
    public void OnResultExecuted(ResultExecutedContext filterContext)
    {
        //如果此处为filterContext.Result赋一个ActionResult对象,MVC会直接根据这个ActionResult对象进行View的呈现。
        //如果filterContext.Result为null,则MVC按照 Action方法内返回的ActionResult进行View的呈现
    }
 
    public void OnResultExecuting(ResultExecutingContext filterContext)
    {
        //如果此处为filterContext.Result赋一个ActionResult对象,MVC会直接根据这个ActionResult对象进行View的呈现。
        //如果filterContext.Result为null,则MVC按照 Action方法内返回的ActionResult进行View的呈现
    }
}

11-3、IExceptionFilter

  Action方法上应用该特性后,如果执行:IAuthorizationFilter过滤器、IActionFilter过滤器、Action方法内的代码、IResultFilter过滤器,抛出了异常,则会执行该方法!(只要出现有异常,则不会再继续往下执行后面的过滤器)

public class MyExceptionFilter : FilterAttribute, IExceptionFilter
{
    public void OnException(ExceptionContext filterContext)
    {
        //如果filterContext.ExceptionHandled = false(默认),则直接抛出异常。(filterContext.ExceptionHandled表示是否已经处理异常)
        //否则,为filterContext.Result赋一个ActionResult,使用这个ActionResult执行View的呈现!
    }
}

12、自定义ActionResult

   自定义一个ActionResult,只需要继承抽象类ActionResult,并实现其抽象方法ExecuteResult即可!微软中已经定义很多ActionResult(EmptyResult、ContentResult、JsonResult、ViewResult等)。

public class MyActionResult : ActionResult
{
    public override void ExecuteResult(ControllerContext context)
    {
        HttpContext.Current.Response.Write("自定义的ActionResult");
    }
}

使用时,只需要创建一个MyActionResult对象并让Action方法将其返回,或者在第11中任何一个过滤器中创建一个MyActionResult对象并赋值给filterContext.Result。下面是两个使用MyActionResult的例子:

public class HomeController : Controller
{
    public ActionResult Index()
    {
        return new MyActionResult();
    } 
}
public class HomeController : Controller
{
    [MyAuthroizeFilter]
    public ActionResult Index()
    {
        return Content("123");
    } 
}
 
public class MyAuthroizeFilter : FilterAttribute, IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        filterContext.Result = new MyActionResult();
    }
}

定义一个生成验证码的VerifyCodeResult示例:源码下载

 13、自定义HtmlHelper

  在 .cshtml 文件中 使用的 @Html.TextBox(...)等,他们都是HtmlHelper类的扩展方法(定义在System.Web.Mvc.Html.InputExtensions中),更多关于@Html.xxx()方法的详细介绍请:猛击这里

public static class MyHtmlHelperExtensions
{
    public static MvcHtmlString MyControl(this HtmlHelper html, string str)
    {
        return MvcHtmlString.Create("自定义Html标签");
    }
}

使用HtmlHelper扩展开发一个【分页功能】:源码下载

14、自定义ModelBinder

15、自定义ValueProvider

  在学习 第14、15 扩展点之前,先来思考下! 在我们定义的Action方法中,他们的参数值是如何得到的呢? 
  答:通过这第14、15个扩展点会让你对参数值的得到有个清楚的认识!在我的《白话学习MVC系列》的模型绑定一篇中已经做了详细的介绍!【猛击这里】

下面的第16、17扩展点是【View呈现】步骤中,寻找【视图页】过程中用到的,详细介绍:猛击这里

16、指定DefaultDisplayMode
模拟需求:对Phone端用户的某个Action请求,返回电脑版网页。

public ActionResult Index()
{
    this.ControllerContext.DisplayMode = DisplayModeProvider.Instance.Modes[1];
    DisplayModeProvider.Instance.RequireConsistentDisplayMode = true;
    return View();
}

根据上述设置,即使是Phone端的请求并且还存在Index.Mobile.cshtml文件,也会去执行Index.cshtml,即:实现Phone用户访问电脑版网页。

17、自定义DefaultDisplayMode
模拟需求:为Android 2.3用户设置特定的页面
先创建一个类似于Index.Android23.cshtml 的页面,然后在Global.asax中做如下设置即可:

public class MvcApplication : System.Web.HttpApplication
{
    protected void Application_Start()
    {
        AreaRegistration.RegisterAllAreas();
  
        WebApiConfig.Register(GlobalConfiguration.Configuration);
        FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
        RouteConfig.RegisterRoutes(RouteTable.Routes);
        BundleConfig.RegisterBundles(BundleTable.Bundles);
        AuthConfig.RegisterAuth();
  
        DisplayModeProvider.Instance.Modes.Insert(0, new DefaultDisplayMode("Android23")
        {
            ContextCondition = (context => context.GetOverriddenUserAgent().IndexOf
            ("Android 2.3", StringComparison.OrdinalIgnoreCase) >= 0)
        });
    }
}

 

 

posted @ 2014-06-16 09:55  AnswerCard  阅读(299)  评论(0编辑  收藏  举报